Jeffrey Voas (US) - Mobile App Addiction: Threat to Our Businesses?

These days it’s commonplace to have a processor inside your pocket that’s many times more powerful than the early, mammoth-sized computers. Giving individuals this kind of information processing power might be the single most impressive technical achievement of the 21st century. Nobody knows what the full impact of this transformation will be, but it’s clear that our embrace of, and reliance on, cheap and easily accessible information presents huge security implications—particularly for businesses whose workforce uses the same device for both work and personal reasons.

The software apps that users can load onto their advanced mobile devices create powerful, integrated, and interactive computing platforms, and the emergence of the cloud mitigates storage issues. Today’s smartphone is nearly as much a computer as a laptop. Mobile games and applications entertain, connect, locate, inform, document, shop, search, and compute. It’s a staggering increase.

In 2010, Apple’s website boasted it had over 200,000 highly controlled iPhone apps. The numbers soar further with Google’s Droid and other mobile products, whose open apps are growing at least as rapidly under less rigorous control. While core mobile apps often come preinstalled on phones, users are now frequently downloading a wide array of additional apps to customize their mobile device. The phenomenal number of new mobile apps is analogous to the explosive development of individual websites in the 1990s. Yet with this growth comes new challenges.

With more people using the same phone for business and personal reasons, the upsurge in smartphone hacking presents a real issue for businesses as well as consumers. A company can have all appropriate firewalls in place, but it takes just one employee to download malware onto their phone. In fact, with more senior level employees using phones for work, it is likely to be C-suite executives exposing businesses to vulnerabilities.

Direct access to hardware on mobiles—such as cameras and microphones—add to the diversity of potential apps but can also add security risks. Moreover, access to the Internet and remote GPS satellites further add to the variety of features and potential for threat exploitation available on mobile devices.

One example is the Trojan-horse wallpaper app. The app, which seemed to offer nothing more than a pretty picture, collected personal information and emailed it abroad. Such security threats are likely to become increasingly problematic as more people rely on relatively small and inexpensive pieces of software fetched off the Internet. According to security company Lookout, “wallpaper apps allegedly downloaded by over a million Android users [have] been covertly collecting user info and sending it to China.” There’s no question that the concept of trust should become more central, particularly in the mobile apps world – and particularly for businesses entrusting employees with sensitive data on their phones.

We’re already becoming addicted to this new approach to information, without knowing how to ensure that the technology and the people behind it can be trusted. Users increasingly must focus on how the magic is accomplished instead of merely being dazzled by the special effects.

Today, computing is looking more and more “commodity-like.” Computing hardware continues to dive in price, soar in capacity, and shrink in size. Internet and mobile phone connections are increasingly commonplace and natural. We expect to connect seamlessly to information in our daily routines, and we are surprised, inconvenienced, and often annoyed when we can’t. As our conscious attention dwells less and less on the details of how information is delivered, information becomes the real commodity.

If computing and information are to become commodities, then cloud computing will likely become the supply-side infrastructure that makes apps commonplace and highly addictive. Apps become our shiny new tools that deliver information rapidly and on-demand, into the hands of consumers and business people. And with this marriage between apps and clouds, most consumers are oblivious to the complex details behind the scenes that make it all happen—as they should be. However, the risks the users inherit for this extreme convenience is no different from the adage “ignorance of the law is no excuse.”By Jeffrey Voas, IEEE Fellow (Institute of Electrical and Electronics Engineers); George Hurlburt, Change-Index; Keith W. Miller, University of Illinois at Springfield.